fixed rootless docker setup

This commit is contained in:
2026-06-07 17:31:46 +02:00
parent 675bf15828
commit 6eeb3384fe
+12 -1
View File
@@ -187,7 +187,7 @@ After=network.target
[Service] [Service]
User=rss-svc User=rss-svc
Group=rss-svc Group=rss-svc
Environment=PATH=/home/rss-svc/bin:/usr/bin:/bin Environment=PATH=/home/rss-svc/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
Environment=XDG_RUNTIME_DIR=/home/rss-svc/.docker/run Environment=XDG_RUNTIME_DIR=/home/rss-svc/.docker/run
ExecStart=/home/rss-svc/bin/dockerd-rootless.sh ExecStart=/home/rss-svc/bin/dockerd-rootless.sh
Restart=always Restart=always
@@ -216,6 +216,17 @@ Verify it came up (as `rss-svc`, with the `.bashrc` exports loaded):
docker info docker info
``` ```
> **cgroup driver note**: rootless Docker defaults to the **systemd** cgroup driver, which expects a per-user slice (`user-<uid>.slice`) created by a logind session — something we don't have here by design. If `docker compose up --build` later fails with `open /sys/fs/cgroup/user.slice/user-<uid>.slice/cgroup.controllers: no such file or directory`, switch dockerd to manage cgroups itself instead. As `rss-svc`:
> ```sh
> mkdir -p ~/.config/docker
> cat > ~/.config/docker/daemon.json << 'EOF'
> {
> "exec-opts": ["native.cgroupdriver=cgroupfs"]
> }
> EOF
> ```
> then, as your sudo-capable user, `sudo systemctl restart docker-rss-svc`.
**3. Deploy the stack as `rss-svc`:** **3. Deploy the stack as `rss-svc`:**
```sh ```sh